SessionPrx RegistryI::createSessionFromSecureConnection(const Current& current) { if(!_master) { PermissionDeniedException ex; ex.reason = "client session creation is only allowed with the master registry."; throw ex; } assert(_reaper && _clientSessionFactory); if(!_sslClientVerifier) { PermissionDeniedException ex; ex.reason = "no ssl permissions verifier configured, use the property\n"; ex.reason += "`IceGrid.Registry.SSLPermissionsVerifier' to configure\n"; ex.reason += "a permissions verifier."; throw ex; } string userDN; Glacier2::SSLInfo info = getSSLInfo(current.con, userDN); if(userDN.empty()) { PermissionDeniedException ex; ex.reason = "empty user DN"; throw ex; } try { string reason; if(!_sslClientVerifier->authorize(info, reason, current.ctx)) { PermissionDeniedException exc; exc.reason = reason; throw exc; } } catch(const LocalException& ex) { if(_traceLevels && _traceLevels->session > 0) { Trace out(_traceLevels->logger, _traceLevels->sessionCat); out << "exception while verifying password with SSL client permission verifier:\n" << ex; } PermissionDeniedException exc; exc.reason = "internal server error"; throw exc; } SessionIPtr session = _clientSessionFactory->createSessionServant(userDN, 0); Ice::ObjectPrx proxy = session->_register(_servantManager, current.con); _reaper->add(new SessionReapable<SessionI>(_traceLevels->logger, session), _sessionTimeout); return SessionPrx::uncheckedCast(proxy); }
Glacier2::SessionPrx ClientSessionFactory::createGlacier2Session(const string& sessionId, const Glacier2::SessionControlPrx& ctl) { assert(_servantManager); SessionIPtr session = createSessionServant(sessionId, ctl); Ice::ObjectPrx proxy = session->_register(_servantManager, 0); int timeout = 0; if(ctl) { try { if(_filters) { Ice::IdentitySeq ids; Ice::Identity queryId; queryId.category = _database->getInstanceName(); queryId.name = "Query"; ids.push_back(queryId); _servantManager->setSessionControl(session, ctl, ids); } timeout = ctl->getSessionTimeout(); } catch(const Ice::LocalException& e) { session->destroy(Ice::Current()); Ice::Warning out(_database->getTraceLevels()->logger); out << "Failed to callback Glacier2 session control object:\n" << e; Glacier2::CannotCreateSessionException ex; ex.reason = "internal server error"; throw ex; } } _reaper->add(new SessionReapable<SessionI>(_database->getTraceLevels()->logger, session), timeout); return Glacier2::SessionPrx::uncheckedCast(proxy); }